Touch screen technology has revolutionized digital devices such as smartphones and tablets to become more and more capable of handling everyday computing. Currently, consumers are able to perform tasks such as email, web browsing, word processing, and internet banking through a touch screen device and without the need of a traditional computer.
Current touch screen devices send the two-dimensional coordinates of a touch event to the device's operating system. A touch event occurs when the touch screen senses the proximity of some conductive object, for example a finger, which is within certain distance of one or more node sensors attached to the touch screen. The finger's capacitance interferes with the capacitance measured at the node sensor. The node sensor picks up a change in the measured capacitance, which shows up as a salient spike in capacitance on that particular node sensor. Touch screen node sensors are designed to forward capacitance values to a touch screen controller. Touch screen controllers are configured to forward the two-dimensional coordinates of the touch event when the salient spike exceeds some predetermined threshold.
Specifically, once the predetermined threshold is exceeded, the touch screen controller interpolates the touch position of the touch event and then sends the two-dimensional coordinates (e.g. X, Y coordinates) to the operating system on the device. The operating system then maps the two-dimensional coordinates from the touch screen controller to the two-dimensional coordinate space of the operating system to figure out whether the touch event falls onto a displayed control in order to trigger some action.
Current touch screen technology requires a two-step process for authentication and user touch inputs. The first step being some user-authentication to unlock the device or authorize the action. The second step being the subsequent user touch inputs that perform the desired action on the device. For example, traditional means of accessing a secured device involve the input of a user-ID and password. This method of authentication assumes that after the user-ID and password have been successfully entered, the subsequent actions are performed by the authorized user. However, this is susceptible to unauthorized access because a hijacker could simply steal or acquire the user-ID and password and then enter the stolen user-ID and password to gain access to the device. The device will still assume that the person performing the subsequent actions is the authorized user. Alternatively, the hijacker could simply steal the device after the authorized user has entered the password.
Current methods of authentication to combat the stolen user-ID and password scenario include techniques such as fingerprint scanning. Where a fingerprint scanner is embedded into the device, such as the current iPhone™ home button, so that the user is required to unlock the device using his unique fingerprint before performing subsequent touch events. However, this technique is still an indirect means of authentication. Hijackers may not be able to steal your fingerprint but, they may be able to acquire the device after it has been authenticated by an authorized user. Once authenticated and unlocked, the device still assumes that the subsequent touch events are performed by an authorized user, not the hijacker.
Other techniques may use technologies such as, Bluetooth or near field communication, to continually authenticate that the user is within the immediate vicinity. However, this implements the same two-step approach to authentication where the communication point between the Bluetooth device and the touch device is susceptible to hijacking. Once hijacked, the touch device will still assume that the authorized user is performing subsequent touch events.
The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.